Omnipressteam Omnipress
6 CVEs affecting Omnipressteam Omnipress. Latest disclosed: 2026-02-19. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-24538 | High | 7.5 | 2026-01-23 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnipress allo… |
CVE-2024-49278 | High | 7.1 | 2024-10-17 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This… |
CVE-2026-25432 | Medium | 6.5 | 2026-02-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This… |
CVE-2025-53276 | Medium | 6.5 | 2025-06-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows DOM-Based XSS.Th… |
CVE-2025-12163 | Medium | 6.4 | 2025-12-05 | The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.5 due to insuffi… |
CVE-2024-13407 | Medium | 4.3 | 2025-03-14 | The Omnipress plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.4 via the megamenu block due to insufficient… |